import tornado.web
from util.myjwt import myjwt
import json,time
from util.redis import r
class  BaseHandler(tornado.web.RequestHandler):
    # 重写该方法
    def set_default_headers(self):
        self.set_header("Access-Control-Allow-Origin", "*") # 允许所有的域名访问
        self.set_header("Access-Control-Allow-Headers", "*") # 允许携带所有的参数
        self.set_header("Access-Control-Allow-Methods", "POST, GET, OPTIONS, DELETE") # 允许所有的请求方式
        self.set_header("Access-Control-Max-Age", "3600") # 允许连接时，最大响应时间
    # 定义一个响应的方法，不需要实现什么功能
    def options(self):
        pass
    # def prepare(self):
    #     url = self.request.uri
    #     whitelist = ['/deng','/menu']
    #     if url not in whitelist:
    #     # 获取token
    #         headers = self.request.headers
    #         try:
    #             token = headers['token']
    #             flag = myjwt.jwt_check(token)
    #             if flag ==True:
    #                 payload = myjwt.jwt_de(token)
    #                 print('payload>>>>>>',payload)
    #                 ptime = payload['data']['exp']
    #                 now = time.time()
    #                 if int(now) - int(ptime) > 36:
    #                     self.finish({"code": 402})
    #                 # 判断此用户是否有权限访问
    #                 key = 'logoutlist'
    #                 res = r.sortedset_getall(key)
    #                 for i in res:
    #                     if token == i.decode():
    #                         self.finish({'code':409})
    #                 urls = r.list_pop("keys" + str(payload['data']['roleid']))
    #                 if url not in urls.decode():
    #                     return self.finish({"code": 400,'msg':'无权访问'})
    #             else:
    #                 self.finish({"code": 403})
    #         except:
    #             self.finish({"code": 401})
    # def prepare(self):
    #     uri = self.request.uri
    #     whitelist = ['/deng', '/resource', '/roles','/menu','/jue']
    #     if uri not in whitelist:
    #         #  获取token
    #         headers = self.request.headers
    #         # try:
    #         token = headers['token']
    #         print('token>>>>',token)
    #         flag = myjwt.jwt_check(token)
    #         print('flag>>>',flag)
    #         if flag == True:
    #             # 解析验证时间
    #             payload = myjwt.jwt_de(token)
    #             ptime = payload['data']['exp']
    #             now = time.time()
    #             if int(now) - int(ptime) > 3600:
    #                 self.finish({"code": 402})
    #             key = 'logoutlist'
    #             res = r.sortedset_getall(key)
    #             for i in res:
    #                 if token == i.decode():
    #                     self.finish({'code': 409})
    #             # 判断此用户是否有权限访问
    #             key = "interlist" + str(payload['data']['roleid'])
    #             interlist = json.loads(r.get_str(key))
    #             if uri not in interlist:
    #                 self.finish({"code": 408})
    #         else:
    #             self.finish({"code": 403})
    #     # except:
    #         self.finish({"code": 401})
    def prepare(self):
        uri = self.request.uri
        whitelist = ['/jue','/deng','/role','menu','/loginout']
        print(uri)
        if uri not in whitelist:
            headers = self.request.headers
            #  获取token
            try:
                token = headers['token']
                print('token',token)
                flag = myjwt.jwt_check(token)
                if flag == True:
                    print(flag)
                    # 解析验证时间
                    payload = myjwt.jwt_de(token)
                    ptime = payload['data']['exp']
                    now = time.time()
                    if int(now) - int(ptime) > 3600:
                        self.finish({"code": 402})
                    # 判断此token是否已经退出
                    key = 'logoutlist'
                    res = r.sortedset_getall(key)
                    for i in res:
                        if token == i.decode():
                            self.finish({'code': 409})
                    # 判断此用户是否有权限访问
                    key = "interlist" + str(payload['data']['roleid'])
                    interlist = json.loads(r.get_str(key))
                    print(">>>>>>>>>>>>>>>>>>>.", interlist)
                    if uri not in interlist:
                        self.finish({"code": 408})

                else:
                    self.finish({"code": 403})
            except:
                self.finish({"code": 401})
